[glib-networking/wip/nacho/openssl: 4/5] openssl: do not leak the peer certificate



commit 419fba816ec63fc3ceda8e90df7cc813273577e0
Author: Ignacio Casal Quinteiro <icq gnome org>
Date:   Tue Sep 18 17:09:41 2018 +0200

    openssl: do not leak the peer certificate

 tls/openssl/gtlsconnection-openssl.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
---
diff --git a/tls/openssl/gtlsconnection-openssl.c b/tls/openssl/gtlsconnection-openssl.c
index fbcb869..d848d5e 100644
--- a/tls/openssl/gtlsconnection-openssl.c
+++ b/tls/openssl/gtlsconnection-openssl.c
@@ -261,9 +261,13 @@ get_peer_certificate (GTlsConnectionOpenssl *openssl)
 
   certs = SSL_get_peer_cert_chain (ssl);
   if (certs == NULL)
-    return NULL;
+    {
+      X509_free (peer);
+      return NULL;
+    }
 
   chain = g_tls_certificate_openssl_build_chain (peer, certs);
+  X509_free (peer);
   if (!chain)
     return NULL;
 


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]